Pages

Monday, 24 August 2015

Thousands of Cars Vulnerable to Keyless Theft, According to Researchers

Cars at Risk of Electronic Hacking

According to computer scientists, thousands of cars inclusive of high end-marques like the Porsches as well as the Maseratis are at risk of electronic hacking, since the research has been stifled for two years by court injunction for fear that it would help thieves to steal vehicles to order. It emphases a weakness in the Megamos Crypto system which is a kind of technology utilised by big manufacturers like Audi, Fiat, Honda, Volvo and Volkswagen.

It is invented to avert a car engine being started without the presence of a keyfob which contains the accurate radio frequency identification chip. Nevertheless, researchers at the Birmingham University and Radbound University in Nijmegen, the Netherlands are capable of intercepting signals that are sent between the chip and the car.

Listening twice enables them to utilise a process of reverse engineering, by using a commercially available computer programmer in order to identify the secret codes that are used in starting the car. According to Director of Cyber Security at the University of Warwick, Tim Watson who told Bloomberg that `it is not a theoretical weakness, it is an actual one it does not cost theoretical dollars to fix, it costs actual dollars’.

Publication Ban Denied Public Crucial Information

In 2012, the flaw had been identified by the researchers though Volkswagen won High Court injunctions in the prevention of its publication one year later. The motoring giant had commented that the work of Flavio Garcia, at Birmingham University and his two Dutch colleagues would allow someone especially a sophisticated criminal gang with the right tools, to break the security and steal a car’.

In reply, the researchers had debated that a publication ban denied the public crucial information with regards to security of their vehicles. Eventually they could reveal their results at the Usenix Security Symposium in Washington at the weekend with a sentence redacted.

`Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobiliser’, their paper, gives a description on how they began their research while police state that they were perplexed by the rising numbers of `keyless car theft’.

Chip System to Be Changed

The research had been published on the ground that the ban should block all essential information from the knowledge of the public. According to the Metropolitan Police, around 6000 vehicles seemed to be stolen without keys last year, half of which were all thefts.

The paper concluded that `the implications of the attacks portrayed in the paper were particularly serious for those vehicles having keyless ignition. At some point the mechanical key had been removed from the vehicle though the cryptographic mechanisms had not been strengthened to compensate it.

It is recommended that the chip system be changed to one which could include a random number generator and thus make it difficult to use intercepted transmission in order to break the codes.